Governance attack
One of the premises of decentralized governance is that token holders will act in good faith as they are holding assets and thus are exposed to the consequences of the decisions and votes they make.
This is for example the rationale behind the Maker Emergency Shutdown module, which requires to burn a consequent amount of MKR in order to shutdown the maker protocol. As of today the amount of MKR in Aave isn’t enough to trigger the emergency shutdown but the last thing we should want for the protocol is that the growing interest from the Maker community in using Aave puts the Maker Protocol and DAI, an essential building block of our ecosystem, at risk.
Beyond Maker, it’s all the decentralized governance ecosystem which can fall victim to such an attack. The closest exemple to such a governance attack is what happened with the Steem blockchain with centralized exchanges getting involved. Not your tokens, not your protocol.
This was an influence based attack, but a whale backed attack in DeFi would look like someone using ETH as collateral to borrow YFI, MKR, UNI or Aave in order to propose and pass a malicious proposal. This is a threat that makes governance aware and risk averse stakeholders reluctant to use protocols such as Aave since, as they use their token as collateral, someone else can borrow those tokens for governance attack.
Voting with aTokens
aTokens are the representations of your deposits in the Aave protocol.
To prepare the ongoing token migration, LEND borrowing was blocked which also enabled the use of aLEND as a voting asset, since double voting was not possible as the underlying LEND could not be borrowed.
This was a success and open now the possibility for other protocols to support aTokens votings.
If the underlying token can’t be borrowed, then risk averse stakeholders could vote in their respective governance using aTokens if the protocol supports it (As they should!)
aUNI, aMKR, aAave and aYFI could be used for both governance in their respective protocol and leverage in Aave.
Regarding the Aave governance, it seems clear that it can’t allow voting with aAave if Aave can be borrowed as it opens to a “leverage governance attack” : e.g. a holder of 100 AAVE could deposit it into the protocol, getting 100 AAVE. Somebody else (or himself, but lower amount) could then borrow the 100 AAVE. At this point, from 100 AAVE, 200 “units of voting power” have been created. Even considering from the governance that the supply to measure voting power from should be 200 (AAVE+aAAVE), in practice, a person doing this kind of leverage by himself will just “boost” his voting power compared with plain AAVE holders not leveraging.
Enabling aToken support also solves the difficult of calculating the proper combined supply and with it percentage over it: e.g. in a potential scenario where to submit a proposal to the Aave governance is needed a percentage of combined AAVE+aAAVE+stkAAVE supply, the fair calculation of this percentage is more complex than just using the AAVE supply (as non-deposited AAVE supply + aAAVE supply = AAVE supply).
For the previous reasons, there are two points of discussion/solutions proposed for this thread, with complete openness for others appearing:
-
Not enabling AAVE and UNI as borrowing assets on the Aave protocol and disabling MKR and YFI, while pushing for those protocols to support aUNI, aYFI and aMKR voting.
-
Setting a global borrowing limit on those assets in the Aave protocol, considering the governance voting thresholds, and taking this limit into account on the calculation of voting power.
This thread is inspired and consequential to the discussion/polling with positive outcome here Aave Protocol Token Addition - Community Sentiment Poll , and Proposal to add AAVE as collateral only.
What are your thoughts on the matter and which road do you think is the best for the growth of the aave protocol and the safety of DeFi governance as a whole ?